28 Simple Steps to Protect Your Database – #1. Directly Monitor Your Financial Database
Rather than monitor your network, where rogue users can gain untraceable access to your data, monitor your financial databases. Make sure your tools can identify, provide alerts and help you respond to unusual activities on a near real-time basis.
38 Simple Steps to Protect Your Database – #2. Assess and Remediate Weaknesses
Many databases are vulnerable to unauthorized access due to insufficient patch levels or the use of default or weak passwords. These conditions can leave the door open to unauthorized users who bypass application-level controls and directly alter data.
48 Simple Steps to Protect Your Database – #3. Audit User Access
Database access rights must be regularly reviewed and, if need be, revised to ensure user rights are consistent and properly limited. This is especially important given the rise of self-service applications and direct customer access. The failure to modify-
58 Simple Steps to Protect Your Database – #4. Know How Users Use the Database
One of the best defenses against outside attacks and internal fraud is the detection of anomalous activity. Implement database-monitoring tools that distinguish normal and abnormal activities for each user, and that can immediately respond to abnormal activities.
68 Simple Steps to Protect Your Database – #5. Verify Transaction Authenticity
A forensic trail generated through auditing tools can help verify the authenticity of database transactions.
78 Simple Steps to Protect Your Database – #6. Require Independent Review
Even trusted users can manipulate standard business practices to perpetrate fraud with special, end-of-period adjustments. Check all individual- and application-sourced changes to financial data to identify odd adjustments. And, verify adjustments with independent monitoring and auditing software, rather than the accounting software that your financial personnel use.
88 Simple Steps to Protect Your Database – #7. Automate Controls To Reduce Annual Audit Costs
Manual annual audits are expensive, cause seasonal spikes in resource requirements, overburden your staff, introduce errors and slow down other operations. Conversely, an automated, continuous monitoring of key database controls helps you identify issues throughout the year, enables quick resolution of issues and reduces expensive, time-consuming mitigation procedures.
98 Simple Steps to Protect Your Database – #8. Employ Encryption To Protect Data
Regulatory compliance requires that some data in the database be encrypted, but all companies should consider encryption as it mitigates risk.
108 Simple Steps to Protect Your Database – See More Slideshows Like This One
10 Things You Should Know About Databases10 New Technologies IBM Is Cooking in Its Innovation Labsby Clint BoultonA Uniform Desktop Is a Secure Desktopby Cameron SturdevantThe 15 Most Influential People in Security Todayby Ryan Naraine